Welcome to NeoOffice developer notes and announcements
NeoOffice
Developer notes and announcements
 
 

This website is an archive and is no longer active
NeoOffice announcements have moved to the NeoOffice News website


Support
· Forums
· NeoOffice Support
· NeoWiki


Announcements
· Twitter @NeoOffice


Downloads
· Download NeoOffice


  
NeoOffice :: View topic - Why does registration e-mail passwords?
Why does registration e-mail passwords?
 
   NeoOffice Forum Index -> Server Outages
View previous topic :: View next topic  
Author Message
glenk1973
Blue Pill


Joined: Sep 07, 2006
Posts: 1

PostPosted: Thu Sep 07, 2006 9:56 pm    Post subject: Why does registration e-mail passwords?

The system requires passwords for new forum accounts to be at least 8 characters long, supposedly for greater security, but then it goes and e-mails the password to the new user once registration is complete. In my opinion, passwords should not be e-mailed to people if security is a concern. If security is not a concern, then let people enter passwords shorter than 8 characters.
Back to top
LemonAid
The Anomaly


Joined: Nov 21, 2005
Posts: 1285
Location: Witless Protection Program

PostPosted: Fri Sep 08, 2006 2:30 pm    Post subject: Re: Why does registration e-mail passwords?

glenk1973 wrote:
The system requires passwords for new forum accounts to be at least 8 characters long, supposedly for greater security, but then it goes and e-mails the password to the new user once registration is complete.
In my opinion, passwords should not be e-mailed to people if security is a concern. If security is not a concern, then let people enter passwords shorter than 8 characters.

Welcome to NeoOffice community Forum.

<personal opinion> I manage several computer sytems and Web sites and it's ... hard to not send email passwords to users scattere about the world. BUT sending Passwords without including the Username on the same email is what I do for many sites. Embarassed
I NEVER send both on one email because email messages can survive for a very long time. The Risk is small.

The reason for having passwords 8 or more characters (and should be non-dictionary words, include Upper and lower case, AND numbers and/or special characters) is because there are many programs that will try every combinition. Having at least 8 reduces the risk by greatly increasing the time and effort.
AND most systems will lock the account if there are 3+ failures.

The Internet is a very ... dangerous place. Others are not willing to take the additional ... risk.
The requirements are to protect you from those who would ... do you harm.

Philip ( up to my ... behind in Passwords -> Ou812-C? Wink )

\ No real passwords were used, or hurt in this message! Cool
Back to top
OPENSTEP
The One
The One


Joined: May 25, 2003
Posts: 4752
Location: Santa Barbara, CA

PostPosted: Mon Sep 11, 2006 3:26 am    Post subject:

Well, the real reason why passwords are e-mailed is because that's how phpBB+nuke were configured Smile The underlying principle behind the e-mailing of passwords/registration isn't for security, but rather to try and ensure that the person trying to register is actually a human and not a spambot. Of course spambots are getting more clever and some are actually able to reply to registration e-mails too...

ed
Back to top
Display posts from previous:   
   NeoOffice Forum Index -> Server Outages All times are GMT - 7 Hours
Page 1 of 1

 
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum

Powered by phpBB © 2001, 2005 phpBB Group

All logos and trademarks in this site are property of their respective owner. The comments are property of their posters, all the rest © Planamesa Inc.
NeoOffice is a registered trademark of Planamesa Inc. and may not be used without permission.
PHP-Nuke Copyright © 2005 by Francisco Burzi. This is free software, and you may redistribute it under the GPL. PHP-Nuke comes with absolutely no warranty, for details, see the license.